Cyber threats are more serious than most people think

Rumor has it that cyber threats do not really affect us: they supposedly concern only high-profile targets far removed from our own environment. In reality, computer infections are anything but selective. We are all exposed to a multitude of cyber security risks. Distinguishing between different threat types allows us to recognize them better and to protect our devices.

For instance, black hat hackers currently mass-mail a fake message from Delta Airlines [1] which looks pretty realistic. It is a targeted attack, meaning the crooks know the victim's name. They may even indicate the actual details of victims’ credit cards. The course of the attack is simple. The email claims that the recipient has purchased an airline ticket and invites the victim to click on a link provided. Unfortunately, most people will do that and eventually allow the malicious payload to drop malware on their PC.

You may also encounter something called spear phishing. Here an attacker targets a certain category of users, e.g. visitors of the same online store, while posing as that store. The recipients are thus much more likely to trust the message and fall victim.

Whaling, as its name suggests, targets a big fish with a customized attack. In this case, the stakes are high, and criminals stun their targets with plenty of personal data collected beforehand. Again, the success rate defies expectations. Even Google was whaled for 100,000,000 USD [2].

When numbers tell the story

Stakes range from trivial to significant and even massive amounts. Businesses lose up to 1.6 million USD per single attack [3]. For individual users, the average cost of an attack is much lower and often amounts to some inconvenience only.

The unexpected truth is that people act on malicious email messages far too often. A staggering 31% of recipients actually open the spam they receive. Nearly one in three of those who open it go on to trigger the malware installation by clicking the link or downloading the malicious attachment. This rate is much higher than for harmless emails: only 3% of users click the links in legitimate emails, while spam links reach a stunning 12% click rate. Meanwhile, over 60% of all emails observed in the wild are irrelevant: just spam.

The risks of identity theft

Most of us would not care: “I am just one of thousands. The odds are that they never attack me.” In this regard, please note that the average price of a single credit card record is nearly 30 USD [4]. That price ensures the number of data leaks increases dramatically, and suggests that no theft is likely to be abandoned.

To this end, over 4 billion records were stolen [5] during data breaches in 2016 alone. The good news is that most of the leaks were limited to message contents without any passwords. On the other hand, the actual situation may be even more devastating, as many businesses simply refuse to disclose any relevant statistics. Perhaps they have in mind other findings which reveal that 15 percent of users would terminate their business relations [6] with hacked companies.

Ransomware Rage

2016 marked the release of 18,000,000 different infections [7] that keep your data encrypted for ransom. Major events are collected in this timeline [8].

To get installed, ransomware typically uses phishing tactics. Once inside a host device, the Trojan executes its malicious encryption payload. Victims suffer a loss of access to nearly every bit of data onboard.

Researchers suggest that the ransom amount for individuals ranges from 500 USD to 10,000 USD, with minor exceptions. Even if the victim pays the amount, there is a good chance that the crooks keep the ransom without decrypting the data. Only 42% of all the users concerned manage to recover their data, whether by paying the ransom, from a duly maintained backup, or by using available decryptors created by malware researchers.

Recent ransomware campaigns prefer corporate victims. An IBM study shows that 70% of such users would pay [9]. The ransom amount for businesses usually falls within the range of 10 to 40 thousand dollars.

Fileless infections

As the name suggests, such malware drops no files [10]. Its instances exist as part of another software process, as Registry entries, or in the BIOS or RAM. Since the malware hits restricted areas of a PC, conventional AV solutions are of no use against its tricks.

Botnet Strikes Back

Cyber criminals infect thousands of computers. They may bring them together and create a botnet controlled from a remote server. This server launches a grand DDoS campaign aimed at a specific website. As a result, the attacked page collapses or becomes unavailable for real visitors.

Cyber security flaws that lead to malware infections

Perhaps the most important thing when trying to defend your PC against cyber threats is understanding your own weak spots. There are web and software security issues that we should take into consideration.

Web vulnerabilities. Symantec scanned millions of websites, and 3 out of 4 turned out to be vulnerable to hacking [11]. 1 in 10 websites is insecure, enabling the attacker to compromise devices that connect to it. That is why Google excluded some 4 million web addresses from its search results in 2016. Web browsers may cause problems too. Despite the fact that their overall security is high, nearly 900 web browser flaws [12] were reported in 2016 alone. Some of those security flaws enable hackers to drop malware immediately on a host PC.

Software vulnerabilities. Most of the applications out there use Flash and Java. Meanwhile, hackers keep spotting and using new security flaws in those applications. Updates patch the vulnerabilities, but most computer users avoid this measure [12]. The 2016 DUO Trusted Access Report indicates that 25% of users run an outdated IE version, 60% do not properly update Flash, and 72% stick to old Java. That exposes users to extra security risks. For example, JavaScript vulnerabilities are widely exploited in drive-by downloads, as well as in stand-alone Java malware. Website-hosted malware known as exploit kits is able to identify software flaws and run a vulnerability-based attack.

About the author

Lucia Danes
- Virus researcher

Lucia is a News Editor for 2spyware. She has long experience working in the malware and technology fields.